From owner-cvs-all  Tue Jul  4  9:14:56 2000
Delivered-To: cvs-all@freebsd.org
Received: from fledge.watson.org (fledge.watson.org [204.156.12.50])
	by hub.freebsd.org (Postfix) with ESMTP
	id A434E37B585; Tue,  4 Jul 2000 09:14:46 -0700 (PDT)
	(envelope-from robert@fledge.watson.org)
Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3])
	by fledge.watson.org (8.9.3/8.9.3) with SMTP id MAA00346;
	Tue, 4 Jul 2000 12:14:33 -0400 (EDT)
	(envelope-from robert@fledge.watson.org)
Date: Tue, 4 Jul 2000 12:14:33 -0400 (EDT)
From: Robert Watson <rwatson@FreeBSD.ORG>
X-Sender: robert@fledge.watson.org
To: Wes Morgan <morganw@chemicals.tacorp.com>
Cc: Brian Feldman <green@FreeBSD.ORG>, cvs-committers@FreeBSD.ORG,
	cvs-all@FreeBSD.ORG
Subject: Re: cvs commit: src/crypto/openssh sshd.c
In-Reply-To: <Pine.BSF.4.21.0007040918400.70488-100000@volatile.chemicals.tacorp.com>
Message-ID: <Pine.NEB.3.96L.1000704121214.99862C-100000@fledge.watson.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


I must have missed that commit while catching up from travel.  I don't
like that technique for restarting daemons -- for one thing, it relies on
/proc being mounted.  I have a continuing strong objection to the presence
of "file" in /proc in the first place, as I don't feel it substantially
contributes to useful functionality in /proc.  While the switch from vnode
reference to symlink is an improvement, I'm still not sure any of the
associated complexity is a good idea.  Does anything actually rely on this
behavior, other than sshd now?

On Tue, 4 Jul 2000, Wes Morgan wrote:

> I hope that there is no way ever in 1e6 years that someone will be able to
> subvert /proc/curproc and get sshd to execute the program of his choice as
> root when it gets HUP'd. I can't think of any way possible, but there are
> 6 billion people out there besides me.
> 
> 
> On Tue, 4 Jul 2000, Brian Feldman wrote:
> 
> > green       2000/07/04 08:46:10 SAST
> > 
> > FreeBSD International Crypto Repository
> > 
> >   Modified files:
> >     crypto/openssh       sshd.c 
> >   Log:
> >   MFF:
> >   Allow restarting on SIGHUP when the full path was not given as argv[0].
> >   We do have /proc/curproc/file :)
> >   
> >   Revision  Changes    Path
> >   1.13      +2 -1      src/crypto/openssh/sshd.c
> > 
> > 
> > 
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe cvs-all" in the body of the message
> > 
> 
> -- 
>                                            _ __ ___ ____  ___ ___ ___
>           Wesley N Morgan                       _ __ ___ | _ ) __|   \
>           wesleymorgan@home.com                     _ __ | _ \._ \ |) |
>           FreeBSD: The Power To Serve                  _ |___/___/___/
> Hi! I'm a .signature virus! Copy me into your ~/.signature to help me spread!
> 
> 
> 


  Robert N M Watson 

robert@fledge.watson.org              http://www.watson.org/~robert/
PGP key fingerprint: AF B5 5F FF A6 4A 79 37  ED 5F 55 E9 58 04 6A B1
TIS Labs at Network Associates, Safeport Network Services



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message